Language Selection

English French German Italian Portuguese Spanish

Security: PDFs, McAfee, Windows and IPFire on AWS

Filed under
Security
  • Even PDF s can contain JavaScript macros! Why? Adobe Why? – how to disable JavaScript in PDF files

    90% of companies DO NOT NEED JavaScript or macros to run in PDF

  • Rendering McAfee web protection ineffective

    Now that I’m done with Kaspersky, it’s time to look at some other antivirus software. Our guest today is McAfee Total Protection 16.0. Let’s say this up front: it’s nowhere near the mess we’ve seen with Kaspersky. It doesn’t break up your encrypted connections, and the web protection component is limited to the McAfee WebAdvisor browser extension. So the attack surface is quite manageable here. The extension also uses native messaging to communicate with the application, so we won’t see websites taking over this communication channel.

    Of course, browser extensions claiming to protect you from online threats have some rather big shoes to fill. They have to be better than the browser’s built-in malware and phishing protection, not an easy task. In fact, McAfee WebAdvisor “blocks” malicious websites after they already started loading, this being not quite optimal but rather typical for this kind of extension. I also found three issues in the way McAfee WebAdvisor 6.0 was implemented which made its protection far less reliable than it should be.

    [...]

    A bug in the way McAfee WebAdvisor deals with malicious frames made it trivial for websites to avoid blocking. Also, I found ways for websites to unblock content programmatically, both for top-level and frame-level blocking.

    In fact, the way unblocking top-level content was implemented, it allowed arbitrary websites to open special pages. Browsers normally prevent websites from opening these pages to avoid phishing attacks or exploitation of potential security vulnerabilities in browser extensions. McAfee WebAdvisor allowed websites to circumvent this security mechanism.

  • A Window into Malicious Advertising - 61% of malvertising targets Windows devices

    Bad ad campaigns are targeting Windows more often than any other operating system. But should we be surprised? Let's first define a bad ad campaign.

    A bad ad campaign is merely a series of online ads linked to a common threat set, designed to have a malicious effect on the end-user. These campaigns are designed to redirect the user to malicious sites or to trick the user into downloading a piece of malware. Now we are ready to look at the data. Let's dive in!

    The below chart shows all of the new, uniquely defined bad ad campaigns DEVCON observed from July 11 - November 22, 2019.

  • 61% of malicious ads target Windows users

    Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon.

  • IPFire on AWS: Update to IPFire 2.23 - Core Update 138

    We are very happy that from week to week, we are gaining more customers for IPFire in the cloud - where you now can manage your network just as you do it in your own data centre.

    In contrast to Amazon’s own features, IPFire is easier to manage, performs just as well, but brings you even more features like standard IPsec VPNs, OpenVPN for on-the-road connectivity to the cloud, Intrusion Prevention for your cloud servers, detailed logging and reporting and many more features.

More in Tux Machines

OpenWiFi Open-Source Linux-compatible WiFi Stack Runs on FPGA Hardware

WiFi is omnipresent on most connected hardware, and when it works it’s great, but when there are issues oftentimes they can not be solved because the firmware is a closed-source binary. Read more

Analyzing Cinnamon keyboard shortcuts

Hello yet again, once again! For those who are not acquainted with this series, I am in an endeavor to analyze keyboard shortcuts in most major DEs so that we, the KDE community, can decide on the best defaults for KDE Plasma. Last time I analyzed MATE, and before that, XFCE. This time we analyze Cinnamon, a non-keyboard-driven environment that quite surprised me. I didn’t recall it was the case (I’ve used Cinnamon as a replacement for Windows 7 for some time in an old machine), but Cinnamon is actually quite similar to Plasma. It has quite surprised me, but this will stay for another day. One thing of note I will do on my next post in the series will be breaking the order I’ve followed until now for which DE to analyze, which was the list I made on the Phabricator task which is being tracked in this blog series. This is so because we’re close to Plasma 5.18, which is an important milestone to KDE—it will be an LTS version which should likely ship with LTS Kubuntu. Thus, I’ll focus first on keyboard-driven environments and speed things up for quicker decision-making. Oh, and I’ve had my birthday on the 12th of December! As a treat to myself, I tweaked the blog a bit. Weirdly enough, if I schedule my posts correctly, this post should be up three days after my birthday, the next should be three days prior to christmas and the next should be three days prior to New Year’s eve! Read more

Best MySQL Clients for Ubuntu

MySQL is very popular and one of the most widely used relational database management systems. Written in C and C++, it was developed and released by Oracle Corporation in mid 1995. Since then its popularity has only one direction i.e. northwards. Reason behind ever increasing popularity is that it is open-source and very easy to use, and integrates with various web apps and tools very easily. LAMP (Linux, Apache, MySQL, PHP) is very popular combination and a backbone of various popular applications. There are many MySQL GUI clients for Windows users but if you’re working on Ubuntu then in this article I’m going to introduce you to the 5 best MySQL clients that you can use on Ubuntu and other Linux distributions. Read more

Prime Numbers, Encryption and the Linux Factor Command

Have you ever needed to print the prime factors of a number on the Linux command line? Me neither. However, a tool does exist for it. Enter the factor command. The factor command is part of the GNU Core Utilities package, therefore it is available on almost any Linux system. This little beauty has the singular purpose of producing the prime factors of any number. To me, this is pretty neat. To anyone interested in learning cryptography or number theory, this may be a useful, if not fun, little utility. Read more